High CVE-2024-3832: Object corruption in V8
High CVE-2024-3833: Object corruption in WebAssembly
High CVE-2024-3914: Use after free in V8
High CVE-2024-3834: Use after free in Downloads
Medium CVE-2024-3837: Use after free in QUIC
Medium CVE-2024-3838: Inappropriate implementation in Autofill
Medium CVE-2024-3839: Out of bounds read in Fonts
Medium CVE-2024-3840: Insufficient policy enforcement in Site Isolation
Medium CVE-2024-3841: Insufficient data validation in Browser Switcher
Medium CVE-2024-3843: Insufficient data validation in Downloads
Low CVE-2024-3844: Inappropriate implementation in Extensions
Low CVE-2024-3845: Inappropriate implementation in Network
Low CVE-2024-3846: Inappropriate implementation in Prompts
Low CVE-2024-3847: Insufficient policy enforcement in WebUI
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ODSP for Microsoft Azure. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8.
This vulnerability allows remote attackers to delete arbitrary files on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-27984.
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2024-27978.
This vulnerability allows remote attackers to delete arbitrary files on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-27977.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-27976.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-27975.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-25000.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-24999.